CVE-2011-0780

The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...

CVE-2011-0780

Removed by vendor...

Google Chrome < 9.0.597.84 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 9.0.597.84. It therefore is reportedly affected by multiple vulnerabilities : - A use-after-free issue exists in image loading. Issue 55381 - An unspecified issue exists relating to cross-origin drag and drop. Issue 59081 -...

CVE-2011-0734

Cross-site scripting XSS vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack. NOTE: this was originally reported as...

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack. NOTE: this was originally reported as...

CVE-2010-2663

CVE-2010-2663 affects the Opera web browser prior to 10.60. An ended event handler that changes the SRC attribute of an AUDIO element can trigger a denial of service (application hang). The OpenVAS/Gentoo entries corroborate Opera-focused vulnerabilities with this vector and point to upgrading to...

Google Chrome multiple vulnerabilities - June 10

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjun10.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - June 10 Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...

pmwiki: persistent cross site scripting &#40;XSS&#41;, CVE-2010-1481

pmwiki: persistent cross site scripting XSS, CVE-2010-1481 References https://vulners.com/cve/CVE-2010-1481 http://int21.de/cve/CVE-2010-1481-pmwiki-xss.html Description The table feature of pmwiki is vulnerable to persistent cross site scripting XSS. The value of the width-parameter is not...

openSUSE Security Update : firefox35upgrade (firefox35upgrade-2262)

This patch updates Mozilla Firefox from the 3.0 stable branch to the 3.5.9 release. It includes also following security fixes: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes...

Debian DSA-2027-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0174 Jesse Ruderman and Ehsan Akhgari discovered crashes...

DSA-2027-1 xulrunner - several vulnerabilities

Bulletin has no description...

SeaMonkey < 2.0.4 Multiple Vulnerabilities

Binary data 5495.prm...

SeaMonkey < 2.0.4 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.4. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2010-16 - A select event handler for XUL tree items can be called after the item is deleted. MFSA...

Mozilla Firefox XBL Event Handler Tags Removal Memory Corruption (CVE-2007-5339)

Mozilla Firefox is a very popular web browser developed by the Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions HTML, XML, XUL, Javascript, various graphics formats, and so on. The browser runs on...

Google Chrome 'KEYGEN' Element Denial Of Service Vulnerability

This host is installed with Google Chrome and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromekeygendosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome 'KEYGEN' Element Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyright...

Firefox arbitrary code execution flaw

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

CVE-2009-1838

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

Design/Logic Flaw

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...

CVE-2009-1838

CVE-2009-1838 affects Mozilla Firefox (pre-3.0.11), Thunderbird (pre-2.0.0.22), and SeaMonkey (pre-1.1.17). The garbage-collection implementation can set an element’s owner document to null under unspecified circumstances, due to an incorrect event-handler context. This allows remote attackers to...

CVE-2009-1838

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafte...